Development of a Side-Channel Attack System (Desenvolvimento de um Sistema de Ataques Side-Channel)

Bibliographic details
Main author: Oliveira, João Pedro Martins de
Publication date: 2022
Document type: Dissertation
Language: eng
Source title: Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos)
Full text: http://hdl.handle.net/10400.22/21078
Abstract: Nowadays consumers expect their IoT devices and data to be adequately protected against any vulnerability. As such, the implementation of protection layers should no longer be taken into account once the device is fully developed. The most common method of ensuring the security of the devices is based on the encryption of the communication sent and received by the device. Regardless of the complexity of the algorithm and the theoretical protection against brute force attacks, the attackers have evolved their strategies. Despite the developers’ best efforts to secure and encrypt the device’s communications, there will always be some leakage of information somewhere in the device. Similarly, the attackers have now started to exploit and analyze these leaks in order to successfully break into the so-called secure devices. By their very nature, these leaks of information will always exist, and consequently, the developers should find countermeasures to either confuse the attacker with worthless information or somehow decorrelate the leaked information from the truth. In this context, the work presented in this report presents the development of methods to verify the difficulty of decryption of the different AES 128-bit modes through power analysis, and an application developed to simplify this task for future use. Lastly, the results of the attacks performed on different targets are presented. These include a Raspberry Pi 4 and an Arduino Nano, which were not successful due to the overpowering existing noise, and the ChipWhisperer Lite ARM target with 5 different AES 128-bit modes, which were successfully attacked, even with countermeasures implemented.
oai_identifier_str oai:recipp.ipp.pt:10400.22/21078
Abstract (translated from the Portuguese version): Nowadays, consumers expect their IoT devices and the respective data to be adequately protected against any vulnerability. As such, the implementation of protection layers should no longer be taken into account once the device is fully developed. The most common method of ensuring the security of the devices is based on the encryption of the device's communications. Regardless of the complexity of the algorithm used and the theoretical protection against brute-force attacks, the attackers have evolved their strategies. Despite the developers' best efforts to protect and encode the device's communications, there is always some leakage of information somewhere in the device (side-channel information) in the form of vibrations, fluctuations in the system's power supply, electromagnetic radiation, etc. Attackers have already begun to exploit and analyze these leaks in order to successfully break into the devices and, by their very nature, these leaks of information will always exist. Consequently, the developers of the systems must develop and implement countermeasures to confuse the attacker with useless information or somehow decorrelate the leaked information from the truth. In this context, the work presented in this report presents the development of methods to verify the difficulty of decrypting the different AES 128-bit modes through power analysis and an application developed to simplify this task for future use. Finally, the results of the attacks carried out on the different targets are presented. These include a Raspberry Pi 4 and an Arduino Nano, which were not successful due to the excessive existing noise, and the ChipWhisperer Lite ARM target with 5 different AES 128-bit modes, which were successfully attacked, even with countermeasures implemented.
dc.contributor.none.fl_str_mv Santos, Veríssimo Manuel Brandão Lima
Repositório Científico do Instituto Politécnico do Porto
dc.subject.por.fl_str_mv Side-channel Attack
Power Analysis
AES 128-bit
ChipWhisperer
Raspberry Pi
Arduino
dc.date.none.fl_str_mv 2022-11-25T15:36:56Z
2022
2022-01-01T00:00:00Z
dc.type.status.fl_str_mv info:eu-repo/semantics/publishedVersion
dc.type.driver.fl_str_mv info:eu-repo/semantics/masterThesis
dc.identifier.uri.fl_str_mv http://hdl.handle.net/10400.22/21078
TID:203086740
dc.language.iso.fl_str_mv eng
dc.rights.driver.fl_str_mv info:eu-repo/semantics/openAccess
dc.format.none.fl_str_mv application/pdf
dc.source.none.fl_str_mv reponame:Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos)
instname:Agência para a Sociedade do Conhecimento (UMIC) - FCT - Sociedade da Informação
instacron:RCAAP